7 March 2017

As you've probably read, WikiLeaks has released a trove of purported
CIA documents describing their hacking tools. There's a lot more
that will be learned, as people work their way through the documents. For
now, though, I want to focus on something that's being misreported,
possibly because of deliberately misleading text by WikiLeaks itself.

These techniques permit the CIA to bypass the encryption of
WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by
hacking the "smart" phones that they run on and collecting audio
and message traffic before encryption is applied.

Both uncritically accepted the premise: that there's something wrong
with these encryption apps. Nothing could be farther from the truth.
Rather, the existence of these hacking tools is a testimonial to the
strength of the encryption. It's hard or impossible to break, so the
CIA is resorting to expensive, targeted attacks.

As far as is publicly known, the encryption is strong. Even if it is
somewhat weak, modern cryptosystems don't fall in an instant; it takes a
fair amount of computation to crack each instance.
The CIA is hacking because that's what's left.

Hacking the endpoints—something I and my colleagues have advocated
for years—is the right way to get around encryption. It's much better
than putting in back doors, since those can lead to serious weaknesses.
And it's not going to stop. As I've previously observed, spying will
stop some time after a sustained outbreak of world peace. Spies, in
other words, will always do whatever they need to do to gather
information.

(What is the real story here? The big news is that this trove of
files has been taken from the CIA, only a few months after a large
collection of NSA files was stolen. Some counterintelligence officers
have a lot of 36-hour days ahead of them.)